Important: Red Hat Security Advisory: gimp:2.8 security update

An update for the gimp:2.8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...

RHEL 8 : gimp:2.8 (RHSA-2025:9309)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:9309 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

RHEL 9 : gimp (RHSA-2025:9314)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:9314 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

RHEL 9 : gimp (RHSA-2025:9162)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:9162 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...

QNAP NAS/NVR Administrator Hash Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP NAS/NVR Administrator Hash Disclosure', 'Description' = %q This module exploits combined heap and stack buffer overflows for QNAP NAS and NV...

RHEL 7 : dosfstools (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dosfstools: Heap-buffer-overflows in readfat and getfat functions CVE-2016-4804 - The setfat function in...

RHEL 5 : dosfstools (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dosfstools: Heap-buffer-overflows in readfat and getfat functions CVE-2016-4804 - The setfat function in...

RHEL 6 : dosfstools (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dosfstools: Heap-buffer-overflows in readfat and getfat functions CVE-2016-4804 - The setfat function in...

ALSA-2024:2996 Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty CVE-2023-5367 xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions CVE-2023-6377 xorg-x11-server: out-of-bounds...

CVE-2024-2212

Summary: CVE-2024-2212 affects Eclipse ThreadX prior to 6.4.0 due to missing parameter checks in the FreeRTOS compatibility API functions xQueueCreate() and xQueueCreateSet() (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c). This can cause integer wraparound, under-allocations, and heap...

CVE-2024-2212 Integer wraparounds, under-allocations, and heap buffer overflows in Eclipse ThreadX xQueueCreate() and xQueueCreateSet()

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

CVE-2024-2212 Integer wraparounds, under-allocations, and heap buffer overflows in Eclipse ThreadX xQueueCreate() and xQueueCreateSet()

In Eclipse ThreadX before 6.4.0, xQueueCreate and xQueueCreateSet functions from the FreeRTOS compatibility API utility/rtoscompatibilitylayers/FreeRTOS/txfreertos.c were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows...

BIT-TENSORFLOW-2021-29520 Heap buffer overflow in `Conv3DBackprop*`

TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to tf.rawops.Conv3DBackprop operations can result in heap buffer overflows. This is because the...

CentOS 9 : libtiff-4.4.0-7.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libtiff-4.4.0-7.el9 build changelog. - Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds...

EulerOS Virtualization 3.0.6.0 : libtiff (EulerOS-SA-2023-2241)

According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For use...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2126)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : libtiff (EulerOS-SA-2023-1936)

According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A stack overflow was discovered in the TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a...

Oracle Linux 9 : libtiff (ELSA-2023-2340)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2340 advisory. - Fix CVE-2022-3970 - Resolves: CVE-2022-3970 - Fix CVE-2022-3597 CVE-2022-3626 CVE-2022-3599 CVE-2022-3570 CVE-2022-3598 CVE-2022-3627 Tenable has...

RHEL 9 : libtiff (RHSA-2023:2340)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2340 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: heap Buff...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-1509)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...